Merge branch 'MDL-81110-main' of https://github.com/roland04/moodle
[moodle.git] / badges / backpackemailverify.php
blob365331c28a21f78fe6eb6d54a7239cc6cf95935a
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 /**
18 * Endpoint for the verification email link.
20 * @package core
21 * @subpackage badges
22 * @copyright 2016 Jake Dallimore <jrhdallimore@gmail.com>
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 require_once(__DIR__ . '/../config.php');
26 require_once($CFG->libdir . '/badgeslib.php');
28 $data = optional_param('data', '', PARAM_RAW);
29 require_login();
30 $PAGE->set_url('/badges/backpackemailverify.php');
31 $PAGE->set_context(context_user::instance($USER->id));
32 $redirect = '/badges/mybackpack.php';
34 // Confirm the secret and create the backpack connection.
35 $storedsecret = get_user_preferences('badges_email_verify_secret');
36 if (!is_null($storedsecret)) {
37 if ($data === $storedsecret) {
38 $storedemail = get_user_preferences('badges_email_verify_address');
39 $backpackid = get_user_preferences('badges_email_verify_backpackid');
40 $password = get_user_preferences('badges_email_verify_password');
42 $backpack = badges_get_site_backpack($backpackid);
44 $data = new stdClass();
45 $data->email = $storedemail;
46 $data->password = $password;
47 $data->externalbackpackid = $backpackid;
48 $bp = new \core_badges\backpack_api($backpack, $data);
50 // Make sure we have all the required information before trying to save the connection.
51 $backpackuid = $bp->authenticate();
52 if (empty($backpackuid) || !empty($backpackuid->error)) {
53 redirect(new moodle_url($redirect), get_string('backpackconnectionunexpectedresult', 'badges', $backpackuid->error),
54 null, \core\output\notification::NOTIFY_ERROR);
57 $values = [
58 'userid' => $USER->id,
59 'backpackemail' => $data->email,
60 'externalbackpackid' => $backpackid,
61 'backpackuid' => $backpackuid,
62 'autosync' => 0,
63 'password' => $password
65 badges_save_backpack_credentials((object) $values);
67 // Remove the verification vars and redirect to the mypackpack page.
68 unset_user_preference('badges_email_verify_secret');
69 unset_user_preference('badges_email_verify_address');
70 unset_user_preference('badges_email_verify_backpackid');
71 unset_user_preference('badges_email_verify_password');
72 redirect(new moodle_url($redirect), get_string('backpackemailverifysuccess', 'badges'),
73 null, \core\output\notification::NOTIFY_SUCCESS);
74 } else {
75 // Stored secret doesn't match the supplied secret. Take user back to the mybackpack page and present a warning message.
76 redirect(new moodle_url($redirect), get_string('backpackemailverifytokenmismatch', 'badges'),
77 null, \core\output\notification::NOTIFY_ERROR);
79 } else {
80 // Stored secret is null. Either the email address has already been verified, or there is no record of a verification attempt
81 // for the current user. Either way, just redirect to the mybackpack page.
82 redirect(new moodle_url($redirect));